NTP in non-global zone
I recently tried to set up NTP in a non-global zone with private networking.
The global zone only has access to the internal network, the "router zone" has access to the internet and a private network, other zones talk to that private network, but not directly to the internet ...
Anyway, following this blog: http://thegeekdiary.com/how-to-configure-ntp-client-in-solaris-8910-and-non-global-zones/
I added the "sys_time" privilege to the zone, and rebooted, but NTP still wouldn't work, because the NTP startup script (/lib/svc/method/ntp) has a check to see if it is running in the global zone, which it doesn't need:
smf_is_globalzone || exit $SMF_EXIT_OK
I modified the script, commenting out the line, and NTP is working happily.
I noticed that before I added the privilege to the zone I was getting messages like "setppriv: Not owner" in the log file for the NTP startup script, meaning I wasn't sure if we even need the global-zone check. However, it might be better to have the script structured like:
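# Look for sys_time in the effective (E:) privilege set of this shell
ppriv -v $$ | grep 'E: .*sys_time' > /dev/null 2>&1
# Only fall back to the global-zone check when the privilege is missing
if [[ $? -ne 0 ]]; then
    smf_is_globalzone || exit $SMF_EXIT_OK
fi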
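
A privilege-based version of that check, as an added example (not part of the original post or of the Solaris method script): it reads `ppriv -v` output on stdin and matches `sys_time` as an exact name in the effective set instead of a substring on one line. The helper names, the sample output and the handling of wrapped lines are assumptions made for the example.

```shell
#!/bin/sh
# Added example: gate NTP startup on the effective privilege set, not zone type.

# has_effective_priv NAME
# Reads `ppriv -v <pid>` output on stdin and succeeds only if NAME is an exact
# member of the E: set. Indented lines after "E:" are treated as a continuation
# of that set (assumption about the output layout when the list is long).
has_effective_priv() {
    awk -v want="$1" '
        /^[ \t]*[EIPL]:[ \t]/ {
            in_e = ($1 == "E:")                 # entering E:, or leaving it
            sub(/^[ \t]*[EIPL]:[ \t]*/, "")     # drop the set label
        }
        in_e {
            gsub(/[ \t]/, "")
            n = split($0, names, ",")
            for (i = 1; i <= n; i++) if (names[i] == want) found = 1
        }
        END { exit(found ? 0 : 1) }
    '
}

# may_start_ntp IS_GLOBAL   (IS_GLOBAL is "yes" or "no"; stdin: ppriv -v output)
# Same structure as the post's proposal: a zone holding sys_time may start NTP;
# without it, only the global zone continues.
may_start_ntp() {
    has_effective_priv sys_time && return 0
    [ "$1" = "yes" ]
}

# Constructed sample output (not captured from a real system).
sample_zone_with_priv() {
    printf '4242:\t/lib/svc/method/ntp\nflags = <none>\n'
    printf '\tE: file_link_any,proc_exec,proc_fork,proc_info,\n'
    printf '\t\tproc_session,sys_time\n'
    printf '\tI: file_link_any,proc_exec,proc_fork\n'
    printf '\tL: file_link_any,proc_exec,proc_fork,sys_time\n'
}
sample_zone_without_priv() {
    printf '4243:\t/lib/svc/method/ntp\nflags = <none>\n'
    printf '\tE: file_link_any,proc_exec,proc_fork\n'
    printf '\tL: file_link_any,proc_exec,proc_fork,sys_time\n'
}

# In a method script: ppriv -v $$ | may_start_ntp no || exit $SMF_EXIT_OK
```
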